The crash happens because of incorrect max_length calculation
in QUOTE function(due to overflow). max_length is set
to 0 and it leads to assert failure.
The fix is to cast expression result to
ulonglong variable and adjust it if the
result exceeds MAX_BLOB_WIDTH.


mysql-test/r/func_str.result:
  test case
mysql-test/t/func_str.test:
  test case
sql/item_strfunc.h:
  cast expression result to ulonglong variable and
  adjust it if the result exceeds MAX_BLOB_WIDTH.

by sort and fulltext keys.

Min value for myisam_sort_buffer_size is 4096.

Repairing MyISAM table with fulltext indexes and low
myisam_sort_buffer_size may crash the server.

Estimation of number of index entries was done incorrectly,
causing further assertion failure or server crash.

Docs note: min value for myisam_sort_buffer_size has been
changed from 4 to 4096.

mysql-test/r/fulltext.result:
  A test case for BUG#51866.
mysql-test/r/myisam.result:
  Min value for myisam_sort_buffer_size is 4096.
mysql-test/r/variables.result:
  Min value for myisam_sort_buffer_size is 4096.
mysql-test/suite/sys_vars/r/myisam_sort_buffer_size_basic_32.result:
  Min value for myisam_sort_buffer_size is 4096.
mysql-test/t/fulltext.test:
  A test case for BUG#51866.
sql/mysqld.cc:
  Min value for myisam_sort_buffer_size is 4096.
storage/myisam/mi_check.c:
  When estimating number of index entries for external
  fulltext parser, take into account that key_length may
  be bigger than myisam_sort_buffer_size. Reuse logic
  from _create_index_by_sort(): force MIN_SORT_BUFFER to
  be min value for myisam_sort_buffer_size.
  
  Another problem is that ftkey_nr has no other meaning
  than serial number of fulltext index starting with 1.
  We can't say if this key using built-in or external
  parser basing on it's value. In other words we always
  entered if-branch for external parser. At this point,
  the only way to check if we use default parser is to
  compare keyinfo::parser with &ft_default_parser.
storage/myisam/sort.c:
  Get rid of MIN_SORT_MEMORY, use MIN_SORT_BUFFER instead
  (defined in myisamdef.h, has the same value and purpose).

Invalid memory read if HANDLER ... READ NEXT is executed
after failed (e.g. empty table) HANDLER ... READ FIRST.

The problem was that we attempted to perform READ NEXT,
whereas there is no pivot available from failed READ FIRST.

With this fix READ NEXT after failed READ FIRST equals
to READ FIRST.

This bug affects MyISAM tables only.

mysql-test/r/gis-rtree.result:
  Restore a test case for BUG51357.
mysql-test/r/handler_myisam.result:
  A test case for BUG#51877.
mysql-test/t/gis-rtree.test:
  Restore a test case for BUG51357.
mysql-test/t/handler_myisam.test:
  A test case for BUG#51877.
storage/myisam/mi_rnext.c:
  "search first" failed. This means we have no pivot for
  "search next", or in other words MI_INFO::lastkey is
  likely uninitialized.
  
  Normally SQL layer would never request "search next" if
  "search first" failed. But HANDLER may do anything.
  
  As mi_rnext() without preceeding mi_rkey()/mi_rfirst()
  equals to mi_rfirst(), we must restore original state
  as if failing mi_rfirst() was not called.

When MyISAM writes newly created index page it may be
initialized partially. In other words some bytes of
sensible data and uninitialized tail of the page may
go into index file.

Under certain rare circumstances these hunks of memory
may contain data that would be otherwise inaccessible
to user, like passwords or data from other tables.

Fixed by initializing memory for temporary MyISAM key
buffer to '\0'.

No test case for this fix as it is heavily covered by
existing tests.

storage/myisam/mi_open.c:
  When creating new MI_INFO object, initialize MI_INFO::buff.
  This is done to ensure that we never write uninitialized
  memory hunks to index file.
storage/myisam/mi_page.c:
  No need to silence memory error detector anymore,
  page buffer is always initialized.
storage/myisam/mi_write.c:
  Fixed invalid memory read of 2 bytes. new_right_length
  is length of data on a page, including first 2 bytes
  that store this length itself. pos + k_length is pure
  data excluding these 2 bytes containing length.
storage/myisam/rt_index.c:
  To avoid uninitialized data write, create new page
  on info->buff, instead of locally allocated buffer.
  
  Note: second key block on info->buff is used here,
  because first block is used by called functions.
storage/myisam/rt_split.c:
  To avoid uninitialized data write, create new page
  on info->buff, instead of locally allocated buffer.

Detailed revision comments:

r6822 | vasil | 2010-03-15 10:17:31 +0200 (Mon, 15 Mar 2010) | 12 lines
branches/5.1:

Typecast to silence a compiler warning:

row/row0sel.c: 4548
        C4244: '=' : conversion from 'float' to 'ib_ulonglong', possible loss of data
row/row0sel.c: 4553
        C4244: '=' : conversion from 'double' to 'ib_ulonglong', possible loss of data

Reported by:	Jonas Oreland <Jonas.Oreland@Sun.COM>
Discussed with:	Sunny Bains <sunny.bains@oracle.com>

Detailed revision comments:

r6785 | vasil | 2010-03-10 09:04:38 +0200 (Wed, 10 Mar 2010) | 11 lines
branches/5.1:

Add the missing --reap statements in innodb_bug38231.test. Probably MySQL
enforced the presence of those recently and the test started failing like:

  main.innodb_bug38231                     [ fail ]
          Test ended at 2010-03-10 08:48:32
  
  CURRENT_TEST: main.innodb_bug38231
  mysqltest: At line 49: Cannot run query on connection between send and reap

r6788 | vasil | 2010-03-10 10:53:21 +0200 (Wed, 10 Mar 2010) | 8 lines
branches/5.1:

In innodb_bug38231.test: replace the fragile sleep 0.2 that depends on timing
with a more robust condition which waits for the TRUNCATE and LOCK commands
to appear in information_schema.processlist. This could also break if there
are other sessions executing the same SQL commands, but there are none during
the execution of the mysql test.

Detailed revision comments:

r6783 | jyang | 2010-03-09 17:54:14 +0200 (Tue, 09 Mar 2010) | 9 lines
branches/5.1: Fix bug #47621 "MySQL and InnoDB data dictionaries
will become out of sync when renaming columns". MySQL does not
provide new column name information to storage engine to
update the system table. To avoid column name mismatch, we shall
just request a table copy for now.

rb://246 approved by Marko.

Detailed revision comments:

r6780 | vasil | 2010-03-08 19:13:20 +0200 (Mon, 08 Mar 2010) | 4 lines
branches/5.1:

Whitespace fixup.

Detailed revision comments:

r6774 | calvin | 2010-03-03 23:56:10 +0200 (Wed, 03 Mar 2010) | 2 lines
branches/5.1: fix bug#51653: outdated reference to set-variable
Non functional change.

If the listed columns in the view definition of 
the table used in a 'INSERT .. SELECT ..'
statement mismatched, a debug assertion would
trigger in the cache invalidation code
following the failing statement.

Although the find_field_in_view() function
correctly generated ER_BAD_FIELD_ERROR during
setup_fields(), the error failed to propagate
further than handle_select(). This patch fixes
the issue by adding a check for the return
value.


mysql-test/r/query_cache_with_views.result:
  * added test for bug 46615
mysql-test/t/query_cache_with_views.test:
  * added test for bug 46615
sql/sql_parse.cc:
  * added check for handle_select() return code before attempting to invalidate the cache.

The crash happens because greedy_serach
can not determine best plan due to
wrong inner table dependences. These
dependences affects join table sorting
which performs before greedy_search starting.
In our case table which has real 'no dependences'
should be put on top of the list but it does not
happen as inner tables have no dependences as well.
The fix is to exclude RAND_TABLE_BIT mask from
condition which checks if table dependences
should be updated.


mysql-test/r/join.result:
  test result
mysql-test/t/join.test:
  test case
sql/sql_select.cc:
  RAND_TABLE_BIT mask should not be counted as it
  prevents update of inner table dependences.
  For example it might happen if RAND() function
  is used in JOIN ON clause.

  col equal to itself!

There's no need to copy the value of a field into itself.
While generally harmless (except for some performance penalties)
it may be dangerous when the copy code doesn't expect this.
Fixed by checking if the source field is the same as the destination
field before copying the data.
Note that we must preserve the order of assignment of the null 
flags (hence the null_value assignment addition).

The reason of the failure was apparent flaw in that a pointer to an uninitialized buffer was
passed to DBUG_PRINT of Protocol_text::store().

Fixed with splitting the print-out into two branches: 
one with length zero of the problematic arg and the rest.


sql/protocol.cc:
  correcting DBUG_PRINT to print out `from' with a care because one may be uninitialized in the caller.

Problem: caseup_multiply and casedn_multiply members      
were not initialized for a dynamic collation, so          
UPPER() and LOWER() functions returned empty strings.      
Fix: initializing the members properly.

Adding tests:
  mysql-test/r/ctype_ldml.result
  mysql-test/t/ctype_ldml.test

Applying the fix:
  mysys/charset.c

           for InnoDB

Patch to fix result files for the binlog suite under row-
based replication.

Bug #49910: Behavioural change in SELECT/WHERE on YEAR(4) data type                                  
(Original patch by Sinisa Milivojevic)

The YEAR(4) value of 2000 was equal to the "bad" YEAR(4) value of 0000.                              

The get_year_value() function has been modified to not adjust bad                                    
YEAR(4) value to 2000.


mysql-test/r/type_year.result:
  Test case for bug #49910.
mysql-test/t/type_year.test:
  Test case for bug #49910.
sql/item_cmpfunc.cc:
  Bug #49910: Behavioural change in SELECT/WHERE on YEAR(4) data type                                  
  
  The get_year_value() function has been modified to not adjust bad                                    
  YEAR(4) value to 2000.

comments to rpl_show_slave_running test are added to ease merging

The problem is that when we make conditon for
grouped result const part of condition is cut off.
It happens because some parts of 'having' condition
which refer to outer join become const after
make_join_statistics. These parts may be lost
during further having condition transformation
in JOIN::exec. The fix is adding 'having'
condition check for const tables after
make_join_statistics is performed.


mysql-test/r/having.result:
  test case
mysql-test/t/having.test:
  test result
sql/sql_select.cc:
  added 'having' condition check for const tables
  after make_join_statistics is performed.

DBUG_SYNC_POINT has at least one strong limitation that it's not defined
on all platforms. It has issues cooperating with @@debug.
All in all its functionality is superseded by DEBUG_SYNC facility and
there is no reason to maintain the old less flexible one.

Fixed with adding debug_sync_set_action() function as a facility to set up
a sync-action in the server sources code and re-writing existing simulations
(found 3) to use it.
Couple of tests have been reworked as well.

The patch offers a pattern for setting sync-points in replication threads
where the standard DEBUG_SYNC does not suffice to reach goals.





mysql-test/extra/rpl_tests/rpl_get_master_version_and_clock.test:
  rewriting the test from GET_LOCK()-based to DEBUG_SYNC-based;
  a pattern of usage DEBUG_SYNC for replication testing is provided.
mysql-test/suite/rpl/r/rpl_get_master_version_and_clock.result:
  results are changed.
mysql-test/suite/rpl/t/rpl_get_master_version_and_clock.test:
  rewriting the test from GET_LOCK()-based to DEBUG_SYNC-based;
  limiting the test to run only with MIXED binlog-format as the test last
  some 10 secs sensitively contributing to the total of tests run.
mysql-test/suite/rpl/t/rpl_show_slave_running.test:
  rewriting the test from GET_LOCK()-based to DEBUG_SYNC-based.
sql/debug_sync.cc:
  adding debug_sync_set_action() function as a facility to set up
  a sync-action in the server sources code.
sql/debug_sync.h:
  externalizing debug_sync_set_action().
sql/item_func.cc:
  purging sources from DBUG_SYNC_POINT.
sql/mysql_priv.h:
  purging sources from DBUG_SYNC_POINT.
sql/slave.cc:
  rewriting failure simulations to base on DEBUG_SYNC rather than GET_LOCK()-based DBUG_SYNC_POINT.
sql/sql_repl.cc:
  removing an orphan failure simulation line because no counterpart in tests existing.

This has been back-ported from 6.0 as the problems proved to afflict 
5.1 as well.
The fix exposed two new bugs. They were reported as follows.
      
Bug no 52174: Sometimes wrong plan when reading a MAX value 
from non-NULL index
      
Bug no 52173: Reading NULL value from non-NULL index gives wrong 
result in embedded server 
      
Both bugs taken together affect a much smaller class of queries than #47762, 
so the fix stays for now.

Optimizer erroneously translated LEFT JOIN into INNER JOIN.
It leads to cutting rows with NULL right side. It happens
because Item_row uses not_null_tables() method form the
base(Item) class and does not calculate 'null tables'
properly. The fix is adding calculation of 'not null tables'
to Item_row.


mysql-test/r/join_outer.result:
  test result
mysql-test/t/join_outer.test:
  test case
sql/item_row.cc:
  adding calculation of 'not null tables' to Item_row.
sql/item_row.h:
  adding calculation of 'not null tables' to Item_row.

The crash happens because of discrepancy between values of
conts_tables and join->const_table_map(make_join_statisctics).
Calculation of conts_tables used condition with
HA_STATS_RECORDS_IS_EXACT flag check. Calculation of
join->const_table_map does not use this flag check.
In case of MERGE table without union with index
the table does not become const table and
thus join_read_const_table() is not called
for the table. join->const_table_map supposes
this table is const and later in make_join_select
this table is used for making&calculation const
condition. As table record buffer is not populated
it leads to crash.
The fix is adding a check if an engine supports
HA_STATS_RECORDS_IS_EXACT flag before updating
join->const_table_map.


mysql-test/r/merge.result:
  test result
mysql-test/t/merge.test:
  test case
sql/sql_select.cc:
  adding a check if an engine supports
  HA_STATS_RECORDS_IS_EXACT flag before updating
  join->const_table_map.

reverse DNS lookup of "localhost" returns "broadcasthost" on Snow Leopard, and NULL on most others.
Simply ignore the output, as this is not an essential part of UDF testing.

for general use.


mysql-test/Makefile.am:
  Adding directories of additional test suites
mysql-test/mysql-stress-test.pl:
  Adding check for additional errors checking during test run